Question Plesk Onyx + WAF + Atomicorp + nginx = ???

larryk

Regular Pleskian
Hello.... I've had a few discussions with people at Atomicorp.

I'm trying to find out WHAT or HOW Plesk is dealing with Atomicorp rules for nginx.

Atomicorp says: rules for Apache are very stable. Rules for nginx are beta?
While ASL for nginx is supported.... what does Plesk say about Atomicorp rules for nginx?

NOTE: I would be running the 2nd (more powerful rules) NOT the basic one

https://docs.plesk.com/en-US/onyx/a...dsecurity/atomic-modsecurity-rule-sets.75669/


NOTE: Plesk needs to fix this in their docs or settings. It is a naming problem:

THIS IS THE DOCS:

The Atomic Basic ModSecurity rule set includes the following:

The complete Atomic ModSecurity rule set includes the following:

while this is the WAF settings for options:

Atomic Professional ModSecurity
An advanced version of the Atomic ModSecurity rules. Updated on a daily basis.

Atomic ModSecurity (subscription)
The most complete version of the Atomic ModSecurity rules, with all performance enhancements and new security features. Updated in real time. You need an active subscription to use this rule set.


You see that there are only 2 options, but 3 different names?
 
I have the same situation, I'm using nginx (non proxy mode) with Plesk Onyx and looking for a way to use the web application firewall.

I tried the suggested test at http://wiki.atomicorp.com/wiki/index.php/Atomic_ModSecurity_Rules#Step_10:_Test_your_web_server and I get a 404 error, which means the WAF isn't active at all with nginx. It should return a 403 code on the console. I tested this with wget from my client terminal (OS X).

I have the "Atomic Basic ModSecurity" ruleset and the configuration is set to "Tradeoff".

So it seems Plesk Onyx is unable to use the WAF with nginx in non proxy mode.

Btw in my WAF control panel settings it says "Atomic Basic ModSecurity" and "Atomic ModSecurity (subscription)", so I don't see the same issue you have.

Also, you're mentioning ASL, which stands for "Atomic Secured Linux". This isn't the same as the mix of Plesk Onyx and the ModSecurity WAF using Atomicorp's ruleset, so you have a "non ASL system". Keep this in mind when reading the WAF test mentioned earlier.
 
Long story short...
1) I don't believe all rules work for nginx.... I've talked to Atomicorp -- call them :)
2) Atomicorp says nginx does work well with ASL, not so much for WAF
 
So it seems Plesk Onyx is unable to use the WAF with nginx in non proxy mode.

You're right. For now there is no mod_security module in nginx in Plesk Onyx, so the WAF will work (on the Apache side) in proxy mode only.
See also https://docs.plesk.com/en-US/onyx/a...n/web-application-firewall-modsecurity.73383/, "Nginx and ModSecurity Notes (Linux)".

About the "Atomic Professional ModSecurity" ruleset: it is actually the "complete Atomic ModSecurity" ruleset. The user manual will be fixed.
The option "Atomic ModSecurity (subscription)" provides the ability to auth/login into Atomic, so if you successfully auth/login, you will get the Atomic Professional ModSecurity ruleset.
 